conspiracy theories

By Mark | Published: April 28, 2011

The defining feature of a conspiracy theorist isn’t a rejection of the official story for something. That’s a key feature, but it doesn’t elevate one from the realms of the skeptic to a true tinfoil-hat-equipped, bona fide conspiracy theorist.

The hallmark of the conspiracy theorist, beyond the posession of a set of beliefs that deviate wildly from all existing evidence and common sense, is the inability to clearly articulate what level of evidence would be sufficient for them to lay aside their skepticism. Whatever demands for poof the conspiracy theorist makes you can be certain that, if their demands are met, they will immediately backtrack and redefine a new benchmark at which they will admit that their pet theory is incorrect, or subtley alter the core tennet of their belief to align with the new reality.

Because, for the conspiracy theorist, the truth isn’t important – the conspiracy is. The conspiracy becomes a defining aspect of their belief structure and they become incapable of letting go, because to let go of the theory would be to relinquish a part of their personality.

We see this behaviour in every major conspiracy theory but nowhere is this better exemplified than in the hateful and loathesome birther movement.

Phil Berg, who filed one of the original birther lawsuits, now believes that Obama was adopted by his Indonesian father and lost his US citizenship:

“I think the issue is that he’s not any more natural born. I don’t care if he releases his birth certificate or whatever,” said Berg. “Let’s see his records coming back through immigration”

Orly Taitz, once called ‘Queen of the birthers’ and who was responsible for a number of lawsuits, is verifying the document’s authenticity and now believes that the President is using a false social security number.

When you need to constantly refactor your theory in the face of each new piece of evidence that contradicts you then you no longer have a theory – you have an article of faith.

Posted in America, crazy people, politics | Leave a comment

this is what an actual privacy problem looks like

By Mark | Published: April 27, 2011

Image credit

How nice it is of Sony to come along and save us from a month of hyperbolic discussion of non-existant privacy issues in iOS and Android’s aGPS implementations by providing us with an actual, honest-to-goodness privacy breach to discuss instead.

There’s some good discussion of the fundamental nature of the breach and the longterm implications for Sony online already – here and here, for starters – so I won’t rehash much of the basic coverage. Instead I’d like to look at how this could have happened in the first place.

There are two basic scenarios for any IT security breach – that it was an inside job or that the breach occurred due to “hacks” by an external party. The odds are strongly in favour of Sony’s PSN breach being an inside job. We know this because IT security incidents, in general, are far more likely – in fact, as much as seven times more likely – to be caused by a rogue administrator or other internal employees than by external intrusion.

But it’s bad news for Sony either way. Knowing that the bulk of security incidents arise from the actions of employees rather than hackers, savvy enterprises act to minimise the risk of internal security breaches in the same way they work to secure their services from external intrusion. Employees are given only the least possible amount of system access required to perform their jobs, administrative access to systems is tightly secured and all access logged. Highly sensitive data – such as credit card information – exists in “secure data zones” firewalled off from the main corporate network environment in precisely the same way corporate data used by web applications is firewalled off away from the internet itself. For neither the corporate userbase as a whole nor the internet at large can be trusted. Paranoia is always the key to data security.

Sony are a large enough company, and the PSN database a valuable enough asset, that it’s near inconceivable that Sony weren’t taking the above steps to mitigate the risk of the data being compromised – but ultimately these steps failed. In itself that’s not particularly surprising; perfect security is impossible. What’s surprising is the extent to which security was compromised and the time it took Sony to identify and respond to the breach.

Why did it take a week for Sony to determine if there had been a data security breach?
Whether a result of internal or external intrusion the fact that the intruders were able to download the entire account information for a seventy-seven million PSN subscribers is inexcusable. Intrusion Detection Systems and automated risk profiling applications should have immediately identified a level of access that exceeded anything required for day-to-day operations.

The list of activities within an IT environment that may require a bulk read of every row of every table of a critical database containing highly sensitive customer data is extraordinarily short. The only obvious example is a backup application. Unless the queries occurred from a known backup server an alarm should immediately have been raised and the user account used to access the database disabled.

Evidently Sony were able to determine relatively quickly that PSN had been compromised to some extent, as evidenced by their decision to take the entire service offline. But that it took Sony a week to determine the scope of the breach points to a lack of adequate security monitoring, insufficient or inadequate tooling or misconfiguration of existing tools.

Why are passwords compromised?
Sony’s press release/blog post outlining the nature of the security breach specifies that account passwords have been compromised and users should change their passwords on other services if they shared a password with PSN. This represents perhaps the most fundamental failure in data security exposed by the PSN breach.

There is precisely zero justification for Sony to be keeping account passwords in cleartext within any database within their organisation. Basic data security principals dictate that account passwords should be salted and hashed with sufficiently strong algorithms that the likelihood of an attacker being able to decrypt the passwords should approach zero on an epochal scale. Evidently, for the PSN database, this was not the case.

Why don’t Sony know whether credit card data has been compromised?
PCI regulations, which govern the security practices organisations handling credit card information must put in place to protect their customer’s credit card details, alongside basic common sense, dictate that access to any system involved in the handling of customer payment details be subject to full audit logging. Audit logs must be shipped to external systems in order to ensure that even if the servers that store and handle credit card details are compromised the audit logs themselves remain secure and available for use for forensic purposes.

Sony’s inability to definitively state whether or not the security of its customer’s credit card data has been breached, again, indicates that these fundamental and regulated security practices are most likely not being followed.

Combined, these factors paint a picture of a company for whom the security of its customer’s data has not been a priority. Security breaches can and will occur but the scope and scale of the PSN breach indicates a systemic failure of IT governance and a blatant disregard for fundamental information security best practices.

Posted in data security, enterprise IT, Sony | Leave a comment

track this

By Mark | Published: April 26, 2011
The internet seems to have figured out how Assisted GPS works, and it doesn’t like it. It doesn’t like it one bit.

The first thing to point out, I think, because a certain contingent of the internet punditry brigade have decided that this revelation must immediately be turned into a stick with which to further beat the iOS vs Android horse, is that Android caches precisely the same data.

Here’s the output of Android’s location data cache:
$ ./parse.py cache.cell
db version:  1
total:       41

key                     accuracy  conf.   latitude    longitude  time
240:5:15:983885             1186     75   57.704031   11.910801  04/11/11 20:03:14 +0200
240:5:15:983882              883     75   57.706322   11.911692  04/13/11 01:41:29 +0200
240:5:75:4915956             678     75   57.700175   11.976824  04/13/11 11:52:16 +0200
240:5:75:4915953             678     75   57.700064   11.976629  04/13/11 11:53:09 +0200
240:7:61954:58929           1406     75   57.710205   11.921849  04/15/11 19:46:31 +0200
240:7:15:58929                -1      0    0.000000    0.000000  04/15/11 19:46:32 +0200
240:5:75:4915832             831     75   57.690024   11.998419  04/15/11 16:13:53 +0200
Compare and contrast with the iPhone’s location data cache :
CI		 Timestamp	Latitude	Longitude	AccuracyConfidence
196769687	306858899.8	-33.79464816	151.1914875	1500	90
78808909	307497296.2	-33.89795403	151.2098288	1500	90
78808911	307506560.8	-33.89293759	151.2039136	1500	90
78723747	308008772	-33.79670207	151.1811041	1500	90
78783294	308104094	-33.8842238	151.2066338	1500	90
78742991	308217181.1	-33.79704956	151.1957413	1500	90
78723098	308301684.8	-33.80716884	151.1686881	1500	90

The iPhone’s cache data is slightly truncated to fit within the available width here, but if you’d like to see the full schema for the cell tower location table click here for a PNG or here for an Excel spreadsheet.

So it’s worth noting that the contents of the logs kept on both Android and iOS devices is identical. In fact, it’s suspiciously identical. Perhaps it’s just because these are the obvious and only metrics you might look for in a location database, or perhaps it’s because both are most likely loosely based on the database schema Skyhook used (both Android and iOS, until relatively recently, relied on Skyhook for cached geolocation services).

Regardless, Google have openly stated that the purpose of their database is to provide aGPS functionality. Given that the contents of the databases are identical it seems entirely reasonable to assume that iOS’s consolidated.db is, indeed, a geolocation cache used for the purposes of aiding aGPS.

The biggest meaningful difference between how Google and Apple handle this functionality is that Android only retains locally the last 50 cell towers you’ve seen. This is a fairly basic trade-off – the contents of the cache on Android is potentially less interesting but as a result the cache itself is less useful. An Android device needs to get aGPS data from the internet more frequently than an iOS device because its local cell tower location cache is less exhaustive. More internet access means more battery usage and slower GPS lookups.

Google also state that they collect a device ID allowing their own database of cell tower records to theoretically be tracked back to an individual handset. The data appears to be anonymised. I don’t view this as a significant problem either way. I certainly don’t think Google are actually using this data to track individual Android owners and I think doing so would be difficult even though it appears to be possible.

Consolidated.db logs cell tower locations - not your phone’s location
The next thing to make clear is that this cache contains the location of cellular access towers and wifi access points. It does not directly track the location of the phone (and by extension, the user). The following image is pulled from my own consolidated.db file. It’s centered on my home address. Note that there is no marker over my home. The large blob on the left-hand edge is Vodafone’s Australian head office, and the cell tower I was most frequently joined to when my phone was with Vodafone. The various other blobs are nowhere near my house, nor are they spots along my daily commute. They’re simply other towers that the phone has seen:

This bears repeating: The contents of the cache are the locations of cellular access towers. Not the location of the phone. It’s certainly possible to interrogate the contents of the file and determine my rough whereabouts to within about a 2km radius. It’s largely useless for figuring out my whereabouts to any great level of accuracy. You aren’t going to be able to look at the contents of consolidated.db and determine my home or office address.

It is true that the data is sent to Apple. In addition to providing an offline, locally accessible location cache this data is also sent to Apple and used to let Apple build their own central cell tower location database. It’s further used, as is set out in the iOS Terms of Service, in the same was as your GPS-determined location – that is, to provide location-aware services for apps. This is non-controversial though – we already knew this, and within the iOS License Agreement it is made clear that your location will be shared for specific purposes, and the OS provides the ability to turn this functionality off. (That first link is worth reading, incidentally, for anyone who was actually surprised to discover that iOS has an offline location cache – it’s Apple’s response to Congress on precisely when, how and why they collect user’s location data. Pages six and seven in particular deal with the use of cell tower location tracking to enable assisted GPS capabilities.)

When location services are enabled on an iOS device the contents of consolidated.db is batched and sent to Apple twice a day. This ceases when location services are disabled – although, of course, the ability to use location-aware apps ceases along with it. Again, this is non-controversial. Android behaves in the same manner (although it seems updates are sent almost in real-time rather than batched). Neither OS shares your location with the OS vendor if location services are turned off.

With location services disabled, iOS ceases to maintain the local location cache. It does not delete the existing consolidated.db, which has, I think, lead to some confusion in commentary on this issue. But you can readily test this yourself – examine your own consolidated.db file, disable location services, and take your phone out and about with you. When you return, make another backup and examine the contents of consolidated.db again. The database will not have been updated beyond the point at which location services were disabled.

So with location services disabled there is, indeed, no tracking of your location occurring, either by Apple or by the device itself.

Broader implications of having an offline location cache
It’s certainly true that if I now need to determine your phone’s general location (within the ~2km radius of accuracy set out above) at a specific point in time, say for the purposes of a law suit, I can subpoena you for the contents of your consolidated.db file. But then I could always have subpoenaed your mobile phone company for the same information. It’s hard to see how this is a significant problem, or indicative of a privacy issue. It’s also true that if I steal or hack your computer I can probably interrogate your iOS backups to look determine the same information – your phone’s general location to within a couple of kilometres. This is completely circumvented by ticking the “encrypt iPhone backups” checkbox within iTunes, so if this is a significant concern to you then you should do just that and worry no more.

If I’ve hacked your computer and am now trying to figure out your home address then consolidated.db is useless to me – the data simply isn’t accurate enough. Much better, instead, for me to check your wireless access point’s MAC address against Google’s publicly query-able wireless AP location database. For my own home router this gives a location accurate to within a few feet.

So given all of the above, what are the actual, real-world problems raised by the existence of iOS’s cell tower location cache? From what I can see, there are none. In fact, I’m so convinced that there are none that I’m sharing my own consolidated.db file for any and all of you to download.

Further I don’t think it’s sensible to paint this as an iOS vs Android issue – both platforms are doing this, and it seems to be a good engineering solution to the problem of how to rapidly provide location data without the need to resort to internet access or to firing up the GPS radio. Trying to turn this into an issue of platform contention seems, to me, to be misguided.

That said, if there are privacy issues I’ve overlooked then let me know in the comments and I’ll try to address them.

Posted in android, apple, iphone | 1 Comment

ARM in the ascendancy

By Mark | Published: January 14, 2011

Note: The use of  ”x86″ also encompasses x64 extensions in this post.

Microsoft’s announcement at CES that Windows 8 will run on ARM-architecture CPUs is a pretty big deal but not a bombshell. Windows has, for most of the NT era, been available for two CPU architectures. The architectures in question have varied over the years – x86 and Alpha in the NT4 days, and x86 and Itanium since Windows 2000. With the announcement last year that Microsoft would not be bringing future versions of Windows to Itanium, an ARM port simply takes up the mantle of Microsoft’s secondary architecture.

What’s interesting, then, isn’t that Windows will be available for another ISA but rather that ARM in particular is the architecture of choice. Historically the non-x86 architecture has targeted high-performance applications – Alpha was primarily utilised in mid-range and big-iron servers, and Itanium almost exclusively so. By contrast ARM’s primary markets are embedded systems and smartphones – a very different set of vertical markets.

I don’t believe the abandonment of Itanium signals that Microsoft are ceding the mid-range server market. Rather I think it’s an acknowledgement Itanium itself failed to take significant marketshare within that segment, and simultaneously a recognition of the fact that modern x86 servers have reached performance, stability and manageability levels similar to other mid-range architectures, something that is in turn reflected by consistent growth in x86 server shipments and a slow but steady decline of traditional mid-range system marketshare.

Desktops, Laptops and Tablets

The timing of the move to offer Windows on ARM is driven by a number of factors. x86’s primary market segment – desktops and laptops – is shifting significantly. Demand for increased portability, a premium being placed on form-factor and battery life over outright performance, and a shift from “traditional” form-factors to smartphones and tablets, coupled with Intel’s difficulties in scaling x86 to milliwatt power envelopes, is a threat to Microsoft’s market dominance.

General purpose desktop CPU performance is largely a solved problem at this point. Netbooks and the iPad are both clear evidence of this and, although yet to prove themselves a marketplace success, “smartbooks” such as those based on Google’s Chrome OS – itself set to be available for both x86 and ARM – are a further indication of this trend. The most effective way to improve performance of a general desktop system today is to boost its I/O performance by adding a solid state disk, or to upgrade its GPU (for gaming and video acceleration but also, increasingly general computation). Nowhere is this better illustrated than in the 2010 MacBook Airs, laptops which use slow and practically ancient Core 2 Duo CPUs but which pair them with very fast GPUs and SSDs resulting in them matching (and occasionally outperforming) the latest Core i5 and Core i7 MacBook Pros across most applications.

In this sense providing an ARM build of Windows is a defensive measure. As consumer demand for devices currently best served by the power-sipping ARM architecture continues to grow Microsoft can capitalise on this growth to further grow Windows license sales.

Beyond this, ARM performance has reached the point where it is “good enough” to be able to support a full-blown desktop experience. And with nVidia’s announcement that they will be launching an ARM-based CPU, “Project Denver”, which will combine a number of ARM A9 cores with an nVidia GPU, neatly solves ARM’s biggest challenge for high-performance applications – SIMD performance. SIMD performance is ARM’s single single biggest weakness, and is also the GPUs greatest strength.

About those Windows 8 Tablets…

The most obvious implication of an ARM build of Windows and the reason that Microsoft chose to announce the porting of Windows to the ARM architecture at a trade show dedicated to consumer electronics is that Windows 8 will power a new generation of ARM-based Windows tablets with hardware, form-factors and battery life similar to that of the iPad.

Windows-based tablets have been a market failure for a decade and the past 12 months has done little to change that despite the appearance of a dozen mediocre Windows 7-based tablets from everyone from HP to myriad Chinese OEMs you’ve never heard of. There’s a case to be made that the problem with Windows tablets isn’t the hardware but the operating system – Windows 7 isn’t a touch friendly OS by any stretch of the imagination – but that’s probably material for another post. One way or another, though, being tied to x86 hardware certainly hasn’t helped their cause – despite Intel’s great leaps in efficiency over the past five years x86 tablets remain hot (making them uncomfortable to hold), noisy (due to the need for active cooling), bulky (due to the increased room required for active cooling and larger batteries) and generally continue to offer relatively disappointing battery life compared to that of the iPad, or even other ARM based tablets such as the Galaxy Tab.

It seems unlikely that ARM alone will allow Microsoft to garner a significant share of the tablet market, but who knows, perhaps Windows 8 will also feature a compelling touch-centric interface, perhaps Microsoft will win the essential developer support required to build a compelling library of touch-friendly Windows applications, and perhaps a Windows-based version of Motorola’s Atrix concept (more on Atrix in a later post) will be compelling enough to win over a significant portion of the tablet market. I doubt it, but it’s certainly not impossible.

Servers and Virtualisation

The existence of a “good enough” ARM CPU won’t just be felt in the desktop space – some level of datacentre adoption also seems certain. Amazon have been talking about ARM as a good physicalisation platform for web servers and this is likely to be the first workload where they see significant uptake. But the existence of an ARM-compatible build of Windows will facilitate much more widespread adoption across a range of different server workloads, from file and print to business logic servers.

Arguably the most disruptive technology to the traditional enterprise datacentre in the last five years has been virtualisation. Virtual server deployments overtook physical server deployments in Europe for the first time in 2009, and the worldwide server shipments should fall in line with this trend within the next two years. While improvements to server managability, availability and recoverability, and reductions in operating costs have been partly responsible for the rapid uptake of virtualisation there are two key factors that, more than any other, have driven virtualisation adoption.

These are; the outpacing of x86 compute capacity compared to server workload resource requirements; and the need for greater performance-per-watt in the datacentre due to power and cooling capacity constraints. These two factors are closely interlinked. While Moore’s law has continued apace, leading to an approximate doubling of compute capacity in a given server form-factor every 18 months or so, the majority of enterprise server workloads’ demands for resources has not kept pace. As a result the typical physical server operates at less than 10% average load. Huge amounts of purchased compute capacity goes unused.

The primary driver for virtualisation is therefore to get more efficient use out of computing resources – something necessary only because typical x86 servers now offer far more capacity than the majority of applications require.

Simultaneously datacentres around the world are reaching their power and cooling limits. In often cases it’s not possible, or cost prohibitive, to further increase capacity, yet business demand for new server instances has not decreased (and in fact continues to increase exponentially). Demand for more efficient server architectures has surged as a result.

The question isn’t whether or not an out-of-order multicore ARM CPU will offer performance comparable to existing multicore x86 CPUs – in all likliehood it will not, or at least will not in the short to medium term – but rather whether it can offer “good enough” performance for a range of applications while retaining its performance-per-watt advantage. As soon as it can then the case for physicalisation on smaller, cheaper and more efficient ARM-based systems should strike a significant blow to the leading drivers for enterprise virtualisation today.

I don’t think any of this means the x86 architecture is going away – datacentres are broad churches and already support a broad range of architectures, from POWER, SPARC and IA64 to x86 and x64. Rather I think this marks the start of a slow but inexorable transition in x86’s role as it becomes a true mid-range platform. Nor do I think virtualisation is going away although I expect it, too, will see a shift in focus, being used primarily for workload portability and for its operational benefits rather than its current primary role as a consolidation technology.

Posted in enterprise IT, virtualisation, windows | Leave a comment

UI issues in Twitter for Mac/Tweetie 2

By Mark | Published: January 7, 2011

Twitter for OS X, as made available via the Mac App Store and hereafter referred to as “Tweetie 2 for Mac” or “Tweetie 2″, is absolutely the best Twitter client for OS X available today. That isn’t necessarily saying a lot – I’m no fan of the state of desktop Twitter clients in general – but Tweetie 2, like Tweetie for Mac before it, manages to be more polished than any other Mac Twitter client. That said, Tweetie 2 has some major issues relating to missing features and UI quirks, a few of which I’ll detail here.

It completely ignores the HIG. I’m largely OK with this though. The interface is certainly very stylish and largely usable. However, a side effect of the completely non-standard window design is that the drag area is impossibly small, occupying only the space between the traffic light widgets.

Update: This is incorrect – the entire black sidebar area is actually draggable.


There’s also an odd issue with window positioning – it’s not possible to position the window in such a manner that the lower edge is below the notional top of the OS X dock. I’m not aware of any other application that behaves this way – the original Tweetie certainly didn’t.

Hiding the dock, or placing it on another screen edge, allows the window to be positioned on the bottom screen edge. Tweetie 2 seems to be ensuring it’s never positioned off the edge of the screen – a noble goal, perhaps, but it’d be nice if it’d let me position it in such a manner as to not waste a gutter of a pixels at the bottom of the display.

The video below shows the behaviour of the original and new versions of the app with regard to window placement.

Bizarrely Tweetie 2 no longer responds correctly to the unversal “Close Window” OS X keyboard shortcut, Cmd-W. Instead, issuing Cmd-W causes Tweetie 2 to hide – the functionality is identical to issuing Cmd-H. This is easily demonstrated by opening the Compose Tweet window, selecting the main Twitter window, then issuing Cmd-W, which causes the whole application to hide. Clicking its icon then restores both windows. The same occurs when using the menu commands for Close/Hide in place of the keyboard shortcuts. This is shown in the following video.

Tweetie 2, at long last, brings official retweet support to the OS X client – but actually using it spawns a modal dialogue. Worse, if the Tweetie 2 window’s width is less than that of the resulting dialogue box then the entire Tweetie 2 window is repositioned until the dialogue is dismissed. Retweeting when window is less wide than the retweet dialogue repositions the window, as shown in the following video.

There’s also some feature regression. It’s no longer possible to determine whether or not a user is following you – functionality previously available in the original Tweetie for OS X, and in both the iPhone and iPad Twitter applications.

Disappointingly, there are obvious and useful features from the iPhone client which haven’t been implemented, such as the ability to view your retweets, the ability to report accounts as spam, or add or remove users from a list. There’s no geolocation support, despite Snow Leopard’s inclusion of the same Core Location wifi positioning capabilities as the iOS devices, and the Profile view doesn’t display the total number of tweets for any account, including your own.

Update: It turns out it’s possible to report a user a spam via the user’s Profile page, though it’s odd this hasn’t been added to the (already overloaded) context menu.

The right-click/context menu options are much more comprehensive than they used to be but the lumping of a dozen or more actions into these menus seems unwieldy.

The only way to post an image is to drag and drop it into the New Tweet window. The ability to do so is a welcome addition, but the removal of the ability to browse to an image is a net usability loss.

URL shortening is now enabled by default, removing an extra step when posting but making it impossible to deliberately post a full link – something I do infrequently but occasionally have need for regardless. It’s also no longer possible to select which shortening service to use – all URLs are shortened via t.co, Twitter’s own URL shortening service.

Worse, it shortens everything. URL’s which are shorter than the resulting shortened URL are shortened anyway. URL’s to other shortening services such as bit.ly, for example, are re-wrapped as t.co URLs.

It’s such a shame – after the long, long wait for Tweetie to be updated to bring it up to the same standards of functionality and usability as the simple iPhone client, Twitter for Mac seems to miss the mark in such a large number of ways I wonder if it was rushed out to meet the Mac App Store launch deadline. While I’d normally hold out hope that these issues will eventually be resolved the glacial pace of development for the Mac version of Tweetie leaves little reason to be hopeful they will be fixed soon.

Posted in apple, mac, Twitter | 4 Comments

how to use your vodafone account to get free BT Openzone Wifi on your laptop

By Mark | Published: January 4, 2011

This post will be marked as “Private” until I’ve managed to convince Vodafone that this blog isn’t a porn site and therefore shouldn’t be hidden away behind their content filter. (update: I’ve sent off an appeal for reclassification to their filtering software vendor so I’ve made this public).

A great thing about the UK is the nearly pervasive wireless internet access – at some point BT had the foresight to go round and more-or-less blanket metro areas with wireless access, mostly by installing WiFi access points in phone booths and various other pieces of otherwise traditional telephone infrastructure. In addition to their own wireless internet service, BT also allow various partners to connect through them as well. You’ll see the network “BT Openzone” pretty much everywhere in the UK.

I picked up a pay-as-you-go Vodafone SIM card for my trip to avoid roaming costs, and even this (free) pre-paid SIM, with no additional charges required, provides unlimited free WiFi access via the BT Openzone network. In fact, from what I can tell, all you need is a free Vodafone SIM card and you can get lifetime WiFi access without the need to ever give them a penny.

There’s a caveat, however, in that access is only permitted from your phone.

Bummer.

Well, with a little experimentation I was able to figure out that it’s pretty easy to work around that in order to get access from a laptop, and here’s how it’s done.

First, you’ll need to enable developer extensions for your browser and modify your user agent string to something that looks like a mobile browser. I have mine set to represent itself as Mobile Safari for iPhone 4.1 – a two-click operation in desktop Safari but any browser should be capable of masquerading as an iPhone.

This done, you’ll need the following URL to get to the login portal for Vodafone customers: https://my.btopenzone.com/vfiPhoneUserRegistration/index.php

You need to manually enter that URL, as simply clicking through the BT Openzone portal screen to the Vodafone login page takes you via a JavaScript probe that will detect that you are using a desktop operating system and decline to take you any further. The above URL bypasses that particular hurdle, so bookmark it so you’ll always have it handy.

From there, if you’ve already created a Vodafone website account username and password you can simply use these to authenticate, and you’ll have full WiFi internet access from your laptop.

Whilst I’m sure this is outside the terms and conditions of my service I’m content to justify it on the grounds that no network will sell me a pre-paid mobile broadband SIM card, requiring you to buy a 3G dongle (which I don’t need) in order to use their mobile broadband plans. A flimsy excuse, perhaps, but there you go.

Posted in miscellaneous | 5 Comments

UK videogame prices

By Mark | Published: January 3, 2011

Holy bargains, Batman!

I’ve been crapping on about this on Twitter, but the prices on games here are simply fantastic compared to Australia. Part of this is due to the exchange rate, but mostly games just seem to be much more aggressively priced. A new game in the UK at retail seems to be priced between £40 and £50, about $60 to $75AUD at the current exchange rate, compared to $80 to $110 for new games back home. But older games, and in particular pre-owned games, are so cheap I couldn’t help myself from buying a stack to take back home (UK and Australian Xbox 360s share the same region code for games, so thankfully these will work no problem).

Here are a few price comparisons. I’m pulling prices from JB Hifi’s current sale prices, as in my experience they’re generally the cheapest source for games on the Australian high street.

Call of Duty – Black Ops – £45 (~$68AUD) vs $94AUD

Call of Duty – Modern Warfare 2 – £15 (~$22AUD) vs $64 AUD

Borderlands – £10 (~$15AUD) vs $44AUD

Bioshock 2 – £10 (~$15AUD) vs $44AUD

Darksiders – £10 (~$15AUD) vs  $99AUD

Bayonetta –  £8 (~$12AUD) vs $44AUD

Fallout 3 – £7 (~$10AUD) vs $49AUD

Fallout New Vegas – £18  (~$30AUD) vs $69AUD

Enslaved £20 (~$30AUD) vs $44AUD

I’ve picked up, so far, MW2, Fallout 3, Enslaved and Bayonetta and the total price has been under $70… to buy these back home would have cost $201.

Typically there will be 5-6 games a year I’m interested in enough to buy as soon as they come out. The rest get put on a list of games I’ll eventually get to when they come down to about $50, generally in the release schedule slump between January and August each year. At these prices I’m rather tempted to buy every single game that’s currently on my “B” list.

Posted in gaming, travel | Leave a comment

ebook indignation

By Mark | Published: December 31, 2010

So Twitter presented, via a retweet, the following righteous indignation to Amazon’s recent announcement of an eBook lending feature for their Kindle platform/bookstore/thing:

“My paper books can be loaned as long as I like, as often as I like, to whomever I wish”

This is true. But it’s also true that you can’t fit one hundred of your paper books in a carry on bag, you can’t replace a lost paper book for free, or forget to bring a paper book with you on a trip and then simply download it at no cost when you arrive at your destination.

By comparison you can travel with your entire eBook library more easily than you can a single hardcopy book, the loss of your Kindle requires replacing the device but not any of the books themselves, and any book you’ve purchased is available to you at no extra cost on any of the many devices Amazon offer a Kindle app for, even if your actual Kindle is a million miles away.

So sure, Amazon’s eBook lending criteria are more stringent than those for an actual, physical, paper book – but the argument that this somehow makes eBook’s less useful than “real” books ignores the various ways in which eBooks are better than their dead tree equivalents.

There are undoubtedly different benefits and drawbacks to both solutions, but that’s OK – eBooks and paper books are different products, priced differently, marketed differently, each offering advantages the other doesn’t and each with its own set of unique limitations. Whether or not that set of tradeoffs ends up being worth it is going to vary depending on an individual’s use case but claiming this is all the evidence needed to conclude that eBooks are universally worse than their paper equivalents is to wilfully ignore the many ways in which they can be better.

Posted in ebooks, new media | 2 Comments

reflections on home

By Mark | Published: December 28, 2010

I last lived in Glasgow in 1998, although I didn’t leave Scotland until 2003. I spent five years living and working in Aberdeen but that particular parochial backwater never felt like “home”. A marked feature of my current adventures in Scotland has been that, for the first time, making this intercontinental trip feels more like going on holiday than it does like going home.

Which isn’t to say that I think of myself as Australian – in fact, I’m clearly not, that particular country not yet having seen fit to offer me a passport. But Scotland, and Glasgow in particular, doesn’t really fit that roll for me now either. I feel vaguely stateless (although my UK citizenship remains intact).

A side effect of this has been the ability to look at Glasgow through a less nostalgic set of eyeglasses. So given that, I feel able to make some observations:

If you think you drink too much, I’d encourage a visit to Glasgow to dissuade you of that notion. Australia has a fairly significant drinking culture but it has nothing on Scotland. Granted, it’s the festive season, but everyone, it seems, is on it, and it’s never too early to start. I’d forgotten about the “pint and a nip” phenomenon, but ordering two drinks at a time isn’t unusual. I’m not passing judgement, nor am I really in a position to – I drink well at the best of times and being on holiday have killed more than a few hours downtime in the hotel bar – but it’d forgotten just how much and how often the average is here. Any time after sunset the entire population you might meet on the street or public transport seem utterly legless.

You can get a good coffee here, but it’s definitely harder to source one than in Sydney. Oddly, the Flat White, a distinctly Australian invention, seems to have caught on here despite the fact that even in Sydney I can rarely distinguish the Flat White from a latte.

I’ve been forced to come to terms with the fact that I may have over-romanticised some of traditional stand-out food items of previous trips home. The tattie scone remains a thing of wonder but the only Lorne Sausage I’ve tracked down so far was a dismal disappointment, flavourless, greasy and pretty well entirely unappealing. The great Glasgow curry at an old favourite restaurant was stodgy and generally unpleasant. A 59p sausage roll managed to deliver 59p of flavour and not a penny more. It’s not all doom and gloom on the food and drink front, though – Irn Bru continues to do that thing that it does, and a beer-battered black pudding at a West End pub was a genuine revelation and definitely characteristically Scottish cuisine.

I think I’d also forgotten just what Glasgow looks like. The Victorian and Edwardian sandstone architecture is striking, ubiquitous and remain’s one of Glasgow’s defining features. It seems to manage to look as good in the snow as it does in the rain and suits the city perfectly – large windows reveal warmly lit interiors to the cold, dark streets in a way that makes the houses look cosy and comforting even when the outside temperatures are below freezing.

But more than anything, the city feels smaller than I ever remembered. It’s easy to get around but there’s simply less of it than I remember. My sense of distance is no doubt shaped by having lived somewhere the size of Sydney, but a 20 minute taxi journey no longer seems like a very long way away.

There’ll be more to come on this subject, I’m sure, through the rest of my trip, but these are my initial impressions. In case this all sounds a bit negative I should point out that I’m having a great time – it’s fantastic to see my family and friends, and the people remain as awesome as they ever were – but I just wanted to document some of the initial culture shock on first returning “home”.

Posted in travel | Leave a comment

christmas travel debrief

By Mark | Published: December 27, 2010

Further to my previous missives on the subject of my holiday travel… I actually took off from Sydney on time, which is more than can be said for a lot of other people who were booked onto flights scheduled to be serviced by planes that had simply never departed their originating countries. And so I submitted to 15 hours of intercontinental air travel, cut off from the world and unable to keep abreast of the ongoing hilarity occurring at Heathrow.

We landed into Abu Dhabi, and into… uncertainty. The Abu Dhabi to Heathrow flight was scheduled to departed in three hours, at 2.30 local time, but ground staff were still unsure as to whether or not Heathrow airport would be open that day, much less whether or not we could expect to land on time. Abu Dhabi, like Heathrow, was full of people who had been unable to fly, many of them for days, and Etihad staff could only assure us that they would fly us to somewhere – that we should board the flight to Heathrow, and that if Heathrow wouldn’t or couldn’t let us land then they’d get us to the closest airport that would let us land – but that we should brace ourselves for the prospect that we probably wouldn’t be landing in where we were meant to, much less when we meant to.

OK, great, whatever. The uncertainty was unsettling but having made the decision to go all-in back when first boarding the flight out of Sydney, there seemed to be little option but to keep on keeping on and to board the theoretically-Heathrow-bound flight and hope for the best. There was ongoing confusion – my fight was announced to be delayed by six hours, but ultimately wasn’t. Improbably, we boarded and left Abu Dhabi on time while refugees from the same flight the day before remained asleep in the terminal.

There’s little to report, from me, on that flight. It’s an eight hour journey and I slept for seven hours of it. Seemingly against all odds, we landed in Heathrow. Upon landing I discovered Heathrow had only a single runway operating, was accepting only 30% of scheduled international flights, and yet despite this not only did we land, but we landed precisely on time.

Terminal 3 where we landed showed little initial evidence of the generalised chaos which had been reported. Mountains of unclaimed luggage littered the halls, but there was nobody asleep in the terminal. There were, apparently, 100,000 people effectively living in other parts of the airport at that point, but Terminal 3 seemed oddly unscathed by the general pandemonium that has been reported.

BA had been kind enough to email me to advise that my Heathrow to Glasgow flight had been cancelled. I queued to pass through immigration and customs, planning to find the BA service desk and find out how they intended to get me home. I expected to spend a day or so in London, behind several tens of thousand of other travellers on standby as Heathrow slowly came back online.

But BA, presumably in self-defence, had pulled out their entire ticketing and customer service staff from Heathrow. As a result there was nobody available to assist with rebooking my flight. Heathrow’s airport information staff suggested going to Terminal 5 – via bus – where they suggested there may be someone from BA who could help me rebook my flight. But I was stopped when trying to board the bus by airport security, who were refusing to allow anyone without a confirmed flight – ie, anyone at all – into the Terminal.

BA were unreachable by phone. Their phone line had been completely shut down and simply played a recorded message saying that due to extreme weather, their phone lines were closed, and that people should visit their website if their flight had been cancelled. – no option to speak to anyone, the line simply cut off at the end of the recording.

The BA website, meanwhile, upon taking my flight details, directed me to call their customer service number. So… yeah. More on this later, but suffice to say a complete customer service failure and frankly, what appears to be an effort by BA to completely avoid any interaction with their customer’s at all.

Various scenarios presented themselves at this point, few of them good – an eight hour train journey (and the distinct possibility of the rail network being similarly disrupted due to the weather) or a ten hour bus trip were both unappealing ways of significantly extending my already 36-hour long journey. Or I could stick it out in London, find a hotel somewhere and wait for Heathrow to reopen. It seems a lot of people in my situation elected to simply sleep in the airport – these people are crazy people, in my opinion, but perhaps for whatever reason they had no other options.

Instead, I pulled out my laptop and quickly discovered that Gatwick airport was open, and, further, that there was a seat available, albeit at an exorbitant rate, on a flight to Glasgow leaving in just three hours time. Gatwick’s website warned about the possibility of delays, disruptions and cancellations, but it seemed that at the very least I should give it a shot – and so I did. Minutes later I was on a National Express coach from Heathrow to Gatwick, with a booking confirmation for a midday flight to Glasgow.

Arriving at Gatwick a two hour delay had been announced but every indication was that my flight would operate – they let me check in and I headed to the departure lounge bar to kill some time. Gatwick, too, had thousands of people milling around or sleeping on floors, many of whom had been here for days. As I waited for the flight there were regular announcements of day-long delays or outright cancellations of other flights, but despite this, and against all odds, I actually boarded my flight on time and arrived in Glasgow a mere two hours later than I had originally planned.

There is still some wrangling to be done – I need my second flight refunded, and BA apparently owe me a couple of hundred Euros in compensation for the cancelled flight. But all things considered it could have been much worse. Arriving back into Glasgow I keep meeting people who have stories of friends or relatives who had ended up trapped in London airports for days at a time. I put my relatively pain-free experience down to sheer determination. I’m sure many faced with a cancelled flight would simply fall back on their travel agent or the airline to tell them what to do next, whereas I just decided to book the first alternative flight available and got on with things.

All things considered the journey was a mission of epic proportions but, ultimately, far less of a mission than I’d feared.

Posted in travel, UK snow | 3 Comments

  • Google+/-

    By Mark on June 30, 2011

    I haven’t used Google+ yet, and from a cursory glance it looks like it is at least somewhat more compelling than the damp squib that is Buzz, but here’s the thing – if I had to put together a list of things I’m generally wary of, it’d include: 1) Any new social networks 2) Google [...]

    Category: ,

    bad english

    By Mark on April 26, 2011

    The most pointless phrase in the entire English language may well be “There’s no comparison”. The only time this phrase is ever used is when the speaker is making a comparison between two things. A close runner up is “living their lives one day at a time”, usually used in reference to someone who has [...]

    Category: ,

    in which I point out that I was totally wrong

    By Mark on April 26, 2011

    This post on AirPlay and the iPhone dock connector? My conclusions – specifically that AirPlay is required principally because Apple can’t add HDMI to the existing dock – were totally incorrect.

    Category: , ,

    it’s not you, it’s me

    By Mark on April 2, 2011

    Those paying close attention to my Twitter stream (and there can’t be that many of you that do) may have noticed some amount of vocalisation on my part of a general dissatisfaction with my recent Twitter experience. I’ve found it very hard to pin down – it has been a general malaise, a decrease in [...]

    Category: ,

    Google, Chrome and H.264

    By Mark on January 14, 2011

    I was going to write a post on this subject (and I may eventually) but the following article does a good job of covering off most of the major talking points for now, so I’d urge you to read it. Ars Technica: Google’s dropping H.264 from Chrome a step backward for openness [Google's] explanation is [...]

    Category: ,

    super meat boy

    By Mark on January 9, 2011

    If you haven’t played Super Meat Boy, go watch this video at Giant Bomb which shows you everything you need to know. Then go buy it (or on Steam, si tu préfères). Super Meat Boy is AMAZING. It’s also terrible, cruel, sadistic, malicious, frustrating beyond words and horribly addictive. The gameplay is fascinating, ultra-fast-paced and [...]

    Category: ,

    a little MacBook Air update

    By Mark on January 4, 2011

    A solid month since receiving the (hopefully) final replacement for my MacBook Air I should probably report back on its stability – and the good news is, it has indeed been stable. In fact I’ve had no problems with it at all. It’s hard to say if this was indeed a hardware issue, or whether [...]

    Category: , ,

    Sony Ericsson’s PSP Phone

    By Mark on January 1, 2011

    Given that the PSP sucked, the PSP Go sucked, Sony Ericsson’s phones suck, their Android phones really suck, and Android, in general, sucks, I’m going to go out on a limb and predict that the Sony Ericsson Android-powered PlayStation Phone is going to suck. (said with tongue in cheek, for the humour impaired, though I do, generally, [...]

    Category: , ,

    novelties

    By Mark on December 30, 2010

    Cold enough to see your breath in the air. Cold enough for the grass to crack, shear and shatter beneath your feet. Proper pints, and pints, everywhere. Ubiquitous central heating and a clear demarkation between the warm, cozy indoors and the harsh cold outside. The Glasgow accent on people of wide and varying ethnic backgrounds. [...]

    Category: ,

    censored

    By Mark on December 28, 2010

    So apparently Vodafone UK think that my blog is “adult content”, despite its (disappointing) lack of bare flesh or rude words. The image below is the page http://markhugh.es redirects to when visited from my iPhone and UK pay-as-you-go Vodafone SIM card. Is there a way to get them to remove me from their filtering system? [...]

    Category: ,